kunthawat/consentos
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Activity

fix(nginx): strip /api prefix in proxy_pass (api_prefix is /api/v1)
Some checks failed
CI / Detect changes (push) Has been cancelled
Details
CI / API Lint (push) Has been cancelled
Details
CI / API Tests (push) Has been cancelled
Details
CI / Scanner Lint (push) Has been cancelled
Details
CI / Scanner Tests (push) Has been cancelled
Details
CI / Banner Lint & Typecheck (push) Has been cancelled
Details
CI / Banner Tests (push) Has been cancelled
Details
CI / Banner Build (push) Has been cancelled
Details
CI / Admin UI Typecheck (push) Has been cancelled
Details
CI / Admin UI Tests (push) Has been cancelled
Details
CI / Admin UI Build (push) Has been cancelled
Details

Browse Source
This commit is contained in:
Ami
2026-04-21 11:36:01 +07:00
parent f8cdbf8d74
commit 1c2bdbf310
1 changed files with 60 additions and 49 deletions
Download Patch File Download Diff File Expand all files Collapse all files

109
apps/admin-ui/nginx.conf
View File

@@ -1,59 +1,70 @@
server {
listen 80;
root /var/www/html;
index index.html;
worker_processes auto;
pid /run/nginx.pid;
error_log /var/log/nginx/error.log warn;
# Health check endpoint for nginx itself
location = /health {
access_log off;
return 200 "nginx ok\n";
add_header Content-Type text/plain;
}
events {
worker_connections 1024;
}
# Banner entry points — cross-origin script loads from customer
# sites, so they need permissive CORS.
location = /consent-loader.js {
add_header Access-Control-Allow-Origin "*" always;
add_header Access-Control-Allow-Methods "GET, OPTIONS" always;
add_header Cache-Control "public, max-age=3600" always;
try_files $uri =404;
}
http {
include /etc/nginx/mime.types;
default_type application/octet-stream;
access_log /var/log/nginx/access.log;
location = /consent-bundle.js {
add_header Access-Control-Allow-Origin "*" always;
add_header Access-Control-Allow-Methods "GET, OPTIONS" always;
add_header Cache-Control "public, max-age=3600" always;
try_files $uri =404;
}
server {
listen 80;
root /var/www/html;
index index.html;
# Proxy API requests to FastAPI backend
location /api/ {
proxy_pass http://127.0.0.1:8000;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
# Health check endpoint
location = /health {
access_log off;
return 200 "nginx ok\n";
add_header Content-Type text/plain;
}
# Proxy /docs, /openapi.json to FastAPI (Swagger UI)
location /docs {
proxy_pass http://127.0.0.1:8000;
proxy_set_header Host $host;
}
# Banner entry points
location = /consent-loader.js {
add_header Access-Control-Allow-Origin "*" always;
add_header Access-Control-Allow-Methods "GET, OPTIONS" always;
add_header Cache-Control "public, max-age=3600" always;
try_files $uri =404;
}
location /openapi.json {
proxy_pass http://127.0.0.1:8000;
proxy_set_header Host $host;
}
location = /consent-bundle.js {
add_header Access-Control-Allow-Origin "*" always;
add_header Access-Control-Allow-Methods "GET, OPTIONS" always;
add_header Cache-Control "public, max-age=3600" always;
try_files $uri =404;
}
# SPA fallback — serve index.html for all other routes
location / {
try_files $uri $uri/ /index.html;
}
# Proxy API requests to FastAPI backend — strip /api prefix
location /api/ {
proxy_pass http://127.0.0.1:8000/;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
# Cache static assets
location /assets/ {
expires 1y;
add_header Cache-Control "public, immutable";
location /docs {
proxy_pass http://127.0.0.1:8000;
proxy_set_header Host $host;
}
location /openapi.json {
proxy_pass http://127.0.0.1:8000;
proxy_set_header Host $host;
}
# SPA fallback
location / {
try_files $uri $uri/ /index.html;
}
location /assets/ {
expires 1y;
add_header Cache-Control "public, immutable";
}
}
}